[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: nss_ldap periodic errors

To: openldap-technical@openldap.org
Subject: Re: nss_ldap periodic errors
From: Ralf Haferkamp <rhafer@suse.de>
Date: Wed, 27 Feb 2008 09:24:03 +0100
Cc: Andreas Hasenack <ahasenack@terra.com.br>, Kamil Kisiel <kamil@kamilkisiel.net>
Content-disposition: inline
In-reply-to: <1204081427.25473.0.camel@duo.lowtech>
References: <66d392400802252307u79d2839flca0a171ce8143e92@mail.gmail.com> <66d392400802261849u4ac46879n6dd678a400bfba5d@mail.gmail.com> <1204081427.25473.0.camel@duo.lowtech>
User-agent: KMail/1.9.6 (enterprise 20070904.708012)

On Mittwoch, 27. Februar 2008, Andreas Hasenack wrote:
> On Ter, 2008-02-26 at 18:49 -0800, Kamil Kisiel wrote:
> > On Tue, Feb 26, 2008 at 8:03 AM, Andreas Hasenack
> >
> > <ahasenack@terra.com.br> wrote:
> > > On Seg, 2008-02-25 at 23:07 -0800, Kamil Kisiel wrote:
> > >  > I'm using nss_ldap on a whole bunch of machines on the
> > >  > network, and while it works great most of the time, I
> > >  > continuously get errors in my syslog. A sampling from today
> > >  > (these are actually from different machines, but I have
> > >  > anonymized the hostnames to be the same.):
> > >  >
> > >  > Feb 25 09:30:25 server.example.com sshd[17495]: nss_ldap:
> > >  > could not search LDAP server - Server is unavailable
> > >  > Feb 25 11:11:08 server.example.com -bash: nss_ldap: could not
> > >  > search LDAP server - Server is unavailable
> > >  > Feb 25 21:50:01 server.example.com automount[5030]: nss_ldap:
> > >  > could not search LDAP server - Server is unavailable
> > >  > Feb 25 21:55:16 server.example.com nscd: nss_ldap: could not
> > >  > search LDAP server - Server is unavailable
> > >
> > >  This happens with processes that do fork(). Samba is a great
> > > example. Newer versions of nss_ldap have this fixed (I can't
> > > precise which version right now).
> >
> > I doubt this is the case, as I am currently running version 258.
> > I've updated to the latest 259 just in case it does make a
> > difference, but I didn't see anything in the changelog that seemed
> > to indicate it would fix anything.
>
> This is what I was thinking about:
> 257     Luke Howard <lukeh@padl.com>
>
>         * patch from Ralf Haferkamp <rhafer@suse.de>:
>           block SIGPIPE in atfork handler

That patch had nothing to do with the above issue. Without the patch 
applications using nss_ldap sometimes just crashed silently after the 
fork. At least when SSL/TLS was enabled.
The above logs could even be harmless I think, it might be that the LDAP 
server was just restarted or closed the connection because of an 
idletimeout. Very hard to say without really knowing under what 
circumstances that happened.

> Anyway, you should probably take this to the nssldap@padl.com mailing
> list.
Yes, that would probably be better.

-- 
Ralf

References:
- nss_ldap periodic errors
  - From: "Kamil Kisiel" <kamil@kamilkisiel.net>
- Re: nss_ldap periodic errors
  - From: "Kamil Kisiel" <kamil@kamilkisiel.net>
- Re: nss_ldap periodic errors
  - From: Andreas Hasenack <ahasenack@terra.com.br>

Prev by Date: RE: LDAP Writes are not propagated to mirror nodes.
Next by Date: Re: LDAP add fails with Protocol Error
Index(es):
- Chronological
- Thread